Integrated Physical and Cybersecurity for Governments and Business

“Integrated Cybersecurity“Integrated Cybersecurity
& Physical Security for& Physical Security for
1“Integrated Cyber“Integrated Cyber--Physical Security forPhysical Security for
Governments and Business”Governments and Business”
Paris, France – 13th & 14th October 2014
© Dr David E. Probert : www.VAZA.com ©
30th International East/West Security Conference
& Physical Security for& Physical Security for
Dr David E. ProbertDr David E. Probert
VAZAVAZA InternationalInternational
Dr David E. ProbertDr David E. Probert
VAZAVAZA InternationalInternational
Dedicated to the Memory of Edwin James Williams

...or the Challenging Complexity of Securing...or the Challenging Complexity of Securing
Government & Business inGovernment & Business in CyberspaceCyberspace!...!...
2
“Integrated Cyber“Integrated Cyber--Physical Security forPhysical Security for

Smart Sustainable SecuritySmart Sustainable Security –– “Theme Trilogy”“Theme Trilogy”
Theme (1)Theme (1) –– SmartSmart Security :Security : Integrated Cybersecurity and Physical SecurityIntegrated Cybersecurity and Physical Security
-- Understanding and Mapping the Worldwide Cyber ThreatsUnderstanding and Mapping the Worldwide Cyber Threats
-- Transition to Smart Systems : Embedded Networked IntelligenceTransition to Smart Systems : Embedded Networked Intelligence
-- Emergence of Smart Security: Hybrid CyberEmergence of Smart Security: Hybrid Cyber--Physical ApplicationsPhysical Applications
“Operational“Operational ConvergenceConvergence ““ 1313thth Oct: 09:10Oct: 09:10 –– 09:5009:50
ThemeTheme (2)(2) –– National Security :National Security : Strategy, Models, and Road MapsStrategy, Models, and Road Maps
-- UN/ITUUN/ITU –– Global Cybersecurity Agenda and GuideGlobal Cybersecurity Agenda and Guide
-- Operations, Technology, Legal, Training, PartnershipsOperations, Technology, Legal, Training, Partnerships
3
-- UN/ITUUN/ITU –– Global Cybersecurity Agenda and GuideGlobal Cybersecurity Agenda and Guide
-- Operations, Technology, Legal, Training, PartnershipsOperations, Technology, Legal, Training, Partnerships
-- Case Studies of “National Cybersecurity Agencies”Case Studies of “National Cybersecurity Agencies”
“Architecture & Standards”“Architecture & Standards” 1313thth Oct: 14:30Oct: 14:30 –– 15:1015:10
Theme (3)Theme (3) -- Critical Security :Critical Security : Sector Threats and Smart SolutionsSector Threats and Smart Solutions
-- Smart Security for Critical National Infrastructure (CNI):Smart Security for Critical National Infrastructure (CNI):
-- Finance, Transportation, ITC, Energy, Defence and more!...Finance, Transportation, ITC, Energy, Defence and more!...
-- Engineering Smart Technical and Operational SolutionsEngineering Smart Technical and Operational Solutions
“Intelligent Applications”“Intelligent Applications” 1414thth Oct:Oct: 11:1511:15 –– 11:5511:55
Download SlideDownload Slides:s: www.valentina.net/Eastwww.valentina.net/East--West2014/West2014/

PersonalPersonal “Eastern Experiences”:“Eastern Experiences”: 19911991 -- 20142014
•• ArmeniaArmenia
•• BelarusBelarus
•• KazakhstanKazakhstan
•• PolandPoland
•• BulgariaBulgaria
•• Czech RepublicCzech Republic
•• GeorgiaGeorgia
•• HungaryHungary
•• PolandPoland
•• RomaniaRomania
•• RussiaRussia
•• SlovakiaSlovakia
•• UkraineUkraine
Projects includingProjects including Cybersecurity, eGovernance & Internet SolutionsCybersecurity, eGovernance & Internet Solutions

Cybersecurity for Armenia and GeorgiaCybersecurity for Armenia and Georgia
5
Link: www.valentina.net/vaza/CyberDocs/

USAID eGovernance and Cybersecurity Mission:USAID eGovernance and Cybersecurity Mission:
Mt AragatsMt Aragats –– South Summit (3879m)South Summit (3879m) –– ArmeniaArmenia

UN/ITUUN/ITU -- CybersecurityCybersecurity Mission to Georgia, CaucasusMission to Georgia, Caucasus

Network Project Team:Network Project Team: Almaty, KazakhstanAlmaty, Kazakhstan
8

Campus Network Project Team:Campus Network Project Team:
-- Donetsk Technical UniversityDonetsk Technical University --
9

“Probert” Family History:“Probert” Family History: ”Hughesovka””Hughesovka”
10
Machine Workshop:Machine Workshop: DonetskDonetsk –– c1890c1890 Great GrandfatherGreat Grandfather : Edwin James WilliamsEdwin James Williams

19thC19thC “Troika Trip”“Troika Trip” NearNear “Hughesovka”“Hughesovka” withwith
Great Grandfather (Edwin James Williams)Great Grandfather (Edwin James Williams)
“Troika“Troika””–– Near Hughesovka (now Donetsk, Ukraine)Near Hughesovka (now Donetsk, Ukraine) –– c1890c1890 – www.Valentina.Net/ewww.Valentina.Net/e--archive.htmlarchive.html

Smart Sustainable CyberSmart Sustainable Cyber--Physical SecurityPhysical Security
11 –– Background PerspectivesBackground Perspectives 2 –Mapping Cyber Threats in Cyberspace 3 – Hybrid Cyber-Physical Security Threats
4 – Practical Models for Smart Security 5 – Transition to 21stC Smart Security 6 – Smart Security: Technology & Process
12
7 – Integration: Cyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Smart Security

Background Perspectives:Background Perspectives: 2121ststC Cyber WorldC Cyber World
•• Cultures:Cultures: Cyber and Physical Security have developed as quite
separate management operations, applications and cultures
•• Cyber Birth:Cyber Birth: Cybersecurity has mainstreamed during the last 20
years since the birth of the worldwide web, search & social media
Smart Security Operations:Smart Security Operations: This talk will show how government and
13
•• Smart Security Operations:Smart Security Operations: This talk will show how government and
business can significantly reduce 21stC security risks through Smart
& Resilient CyberCyber--Physical SecurityPhysical Security applications and operations
•• 2121ststC Security Models:C Security Models: During my “trilogy” of talks during the
conference I’ll present some practical 21stC security models,
solutions and architectures for both Governments and Business

Contrast between our Physical & Cyber WorldsContrast between our Physical & Cyber Worlds
Convergence to 21Convergence to 21ststC “Intelligent Worlds” will take time!C “Intelligent Worlds” will take time!
Physical WorldPhysical World
• Top-Down
• Dynamic
• Secrecy
• Territorial
• Government Power
• Control
• Direct
Cyber WorldCyber World
• Bottom-Up
• Self-Organising
• Transparency
• Global
• Citizen Power
• Freedom
• Proxy
• Direct
• Padlocks & Keys
• Convergent
• Hierarchical
• Carbon Life
• Tanks & Missiles
• Mass Media
• Proxy
• Passwords & Pins
• Divergent
• Organic
• Silicon Life
• Cyber Weapons & Botnets
• Social Media
“Smart Resilient Security” will require Embedded Networked Intelligence in ALL devices“Smart Resilient Security” will require Embedded Networked Intelligence in ALL devices

1 – Background Perspectives 22 –– MappingMapping Cyber Threats in CyberspaceCyber Threats in Cyberspace 3 – Hybrid Cyber-Physical Security Threats
15
4 – Practical Models for Smart Security 5 – Transition to 21 C Smart Security 6 – Smart Security: Technology & Process
7 – Integration: Cyber and Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Smart Security

““Visualisation of Cyberspace”:Visualisation of Cyberspace”: Global IP “WHOIS” AddressesGlobal IP “WHOIS” Addresses
16
…From 20…From 20ththC Physical World To 21C Physical World To 21ststC Cyberspace! ...C Cyberspace! ...

Malicious Cybercrime Activity inMalicious Cybercrime Activity in Global CyberspaceGlobal Cyberspace
Key: Hilbert Space-
Filling Curve Process
17
Link: www.team-cymru.org
Filling Curve Process

Categories ofCategories of CybersecurityCybersecurity ThreatsThreats
• The complexity of cyber threats means that several complimentary frameworks
have been developed that classify cybersecurity risks
• For this presentation we’ll focus on the categorisation developed by the
UN/ITU Telecommunications Study Group 17UN/ITU Telecommunications Study Group 17 as follows:
Category 1 :Category 1 : Unauthorised AccessUnauthorised Access – The systems & networks are accessed by
persons or “bots” that do not have legal access or permissions
Category 2 :Category 2 : Distributed Denial of Service Attacks (DDoS)Distributed Denial of Service Attacks (DDoS) – Such attacks are
used to target & disable a specific website or server using an army of infected machines
18
used to target & disable a specific website or server using an army of infected machines
Category 3 :Category 3 : Malicious CodeMalicious Code – Malware such as trojans, viruses & spyware are
embedded within host machines for both commercial & criminal purposes
Category 4 :Category 4 : Improper Use of SystemsImproper Use of Systems – In these cases, the systems are being used
for access and applications against the communicated policies
Category 5 :Category 5 : Unauthorised Access AND ExploitationUnauthorised Access AND Exploitation – Many attacks will fall
into this category when the hacker will penetrate systems and then use the acquired
data, information & documents for cybercriminal activities
Category 6 :Category 6 : Other Unconfirmed IncidentsOther Unconfirmed Incidents – These are alerts that require further
investigation to understand whether they are actually malicious

Typical Cybercrime ThreatsTypical Cybercrime Threats
(a)(a) –– Hardware & Software KeyloggersHardware & Software Keyloggers (b)(b) –– Email PhishingEmail Phishing
19
(c)(c) –– Advance Fee ScamAdvance Fee Scam (d)(d) –– Denial of ServiceDenial of Service

20

Map ofMap of RecentRecent Malicious Activity inMalicious Activity in “Cyberspace”“Cyberspace”
21
www.team-cymru.org : - Malicious Activity over 30 daysMalicious Activity over 30 days -- Sept 2014Sept 2014

RecentRecent CyberCyber Threats & Security FlawsThreats & Security Flaws
•• SHELLSHOCKSHELLSHOCK – Discovered 2424thth Sept 2014Sept 2014 – Security flaw in “Bash Software” that is
present in the Apple Mac OS X, Unix and Linux. Allows execution of malicious code that
could allow access to private data and remote control of server for orchestrated DDOS
“BOT” attacks to targeted victim networks.
22
•• HEARTBLEEDHEARTBLEED – Discovered April 2014April 2014 in OpenSSL Cryptography Library (widely used in
Transport Layer Security – TLS) as a buffer over-read security flaw. When exploited this
allows the theft of users private encryption “keys”, as well as passwords & session cookies

Commercialisation ofCommercialisation of “Cyber Toolkits”“Cyber Toolkits”
• Industrialisation and Mainstreaming of Cyber Attacks:
–– (1) Researchers & Cyber Software Creators of Malicious Codes(1) Researchers & Cyber Software Creators of Malicious Codes : Often creative
talented computer scientists that have turned their skills to tools for illegal
penetration & control of secure systems
–– (2) “Botnet”(2) “Botnet” -- Farmers & HerdersFarmers & Herders : They are responsible for the illegal
international distribution and infection of target “zombie” networked laptops
PCs & Servers within homes and offices. The malicious codes (malware such
as viruses & trojans) are spread through spam emails, infected websites and
23
as viruses & trojans) are spread through spam emails, infected websites and
“backdoor” attacks.
–– (3) “Commercial Botnet Dealers”(3) “Commercial Botnet Dealers” : They sell access to herds of “zombie”
infected machines. The embedded malicious code can be triggered to
stimulate “Denial of Service (DDoS)” attacks on target servers & websites.
The aim is usually to maximise economic and political damage upon the
targeted nation and associated businesses.
…..For further information see the ITU “BotNet” Mitigation Toolkit(2008)

Worldwide ComputerWorldwide Computer “Bot”“Bot” Infections: 2Q 2010Infections: 2Q 2010
24
Source:Source: MicrosoftMicrosoft –– Security Intelligence ReportSecurity Intelligence Report -- 20102010

Typical GlobalTypical Global“Botnet”“Botnet” CyberattackCyberattack
25

1 – Background Perspectives 2 – Mapping Cyber Threats in Cyberspace 33 –– HybridHybrid Cyber Physical Security ThreatsCyber Physical Security Threats
26
7 – Integrating Cyber & Physical Security 8 –Towards Smart ”Neural Society” 9 – Next Steps for Smart Security

Sources ofSources of CyberCyber Threats and AttacksThreats and Attacks
•• Cyber CriminalsCyber Criminals:: Digital Fraud & Forgery, Extortion, Digital “Advanced Fee”
Scams, ID Theft, Digital Money Laundering, Offensive & Pornographic
Materials, Drug Trafficking, Cyber Stalking & Hate Crimes.
•• Cyber Terrorists:Cyber Terrorists: Denial of Service, Website Defacement, Theft of Secret
Information & Intelligence, On-Line Blackmail, Disruption of Critical
Infrastructure such as Airports, Power Stations, Hospitals, and the National
Clearing Banking Networks.
27
•• Cyber WarfareCyber Warfare:: Closely related to cyber terrorism, and applied when there is
a concerted cyber attack from a region or nation against the infrastructure and
citizens of some other defined region or nation.
•• Cyber Hackers:Cyber Hackers: Skilled Individuals and “Researchers” that will initiate
malicious attacks for the penetration of secure systems and theft of secret
documents & databases from both governments & businesses.

Cyber ThreatCyber Threat Challenges for Governments & BusinessChallenges for Governments & Business
1) DDoS Denial of Service “Botnet” Attacks
2) Phishing Scams such as Advance Fee & Lottery Scams
3) Spam eMail with malicious intent
4) SQL Database Injection
5) XSS Cross-Scripting Java Script Attacks
6) Personal Identity Theft (ID Theft)
7) Malware, Spyware, Worms, Viruses & Trojans
28
7) Malware, Spyware, Worms, Viruses & Trojans
8) Embedded Sleeping Software “Zombie Bots”
9) Buffer Overflow Attacks
10) Firewall Port Scanners
11) Social Networking “Malware Apps”
12) Wi-Fi, Bluetooth & Mobile Network Intrusion
13) Keyloggers – Hardware and Software Variants

“Cyber to Physical Attacks”“Cyber to Physical Attacks”
• The illegal penetration of ICT systems may allow criminals to secure
information or “make deals” that facilities their real-world activities:
–– ““Sleeping Cyber Bots”Sleeping Cyber Bots” – These can be secretly implanted by skilled hackers to secure on-
line systems, and programmed to explore the directories & databases, and & then to
transmit certain information – Account & Credit Card Details, Plans, Projects, Deals
–– Destructive “Cyber Bots”Destructive “Cyber Bots” – If cyber-bots are implanted by terrorist agents within the
operational controls of power plants, airports, ports or telecomms facilities then
considerable physical damage may result. A simple “delete *.*” command for the root
directories would instantly wipe out all files unless the facility has real-time fail-over!
29
–– Distributed Denial of Service AttacksDistributed Denial of Service Attacks – These not only block access to system, but in the
case of a Banking ATM Network, means that the national ATM network has to be closed.
Alternatively in the case of an airline check-in and dispatch system, flights are delayed.
–– NationalNational CyberAttacksCyberAttacks – Many international organisations such as NATO & US DOD
forecast that future regional conflicts will begin with massive cyberattacks to disable their
targets’ physical critical communications and information infrastructure (CNI) Clearly it is
important for countries to upgrade their national cybersecurity to minimise the risks of
Hybrid CyberHybrid Cyber--Physical AttacksPhysical Attacks from terrorists, criminals, hacktivists and political adversaries

Hybrid CyberHybrid Cyber--PhysicalPhysical HacktivismHacktivism
“Anonymous” Attacks on BART“Anonymous” Attacks on BART -- Aug 2011Aug 2011
Physical ProtestsPhysical Protests by International HacktivistHacktivist
Group – “Anonymous”“Anonymous” - coupled with multiple
Web-Site Cyber AttacksCyber Attacks following incident on
Bay Area Transit NetworkBay Area Transit Network -- BARTBART –– San FranciscoSan Francisco

“Physical to Cyber Attacks”“Physical to Cyber Attacks”
• Most “physical to cyber attacks” involve staff, contractors or visitors performing
criminal activities in the “misuse of computer assets”:
–– Theft & Modification of ICT Assets:Theft & Modification of ICT Assets: It is now almost a daily occurrence for critical
information & databases to be either deliberately stolen or simply lost on PCs or Chips
–– Fake Maintenance Staff or ContractorsFake Maintenance Staff or Contractors: A relatively easy way for criminals to access
secure facilities, particularly in remote regions or developing countries is to fake their
personnel IDs and CVs as being legitimate ICT maintenance staff or contractors
31
–– Compromised Operations Staff:Compromised Operations Staff: Sometime operational ICT staff may be tempted by
criminal bribes, or possibly blackmailed into providing passwords, IDs & Access Codes.
–– Facility Guests and Visitors:Facility Guests and Visitors: It is standard procedure for guests & visitors to be
accompanied at all times in secure premises. In the absence of such procedures,
criminals, masquerading as guests or visitors, may install keylogger devices or extract
information, plans and databases to wireless enabled USB chips, tablets or phones!

Advanced Physical Perimeter ManagementAdvanced Physical Perimeter Management
• Critical Infrastructure such as Airports, Power Stations, Ports and
Telecommunications Facilities are often sited on large multi-building campuses
with a significant physical perimeter fence.
• Modern 21stC Technology can help to secure the perimeter, &
prevent access to the electronic cyber assets within the facility:
– Networked CCTV including Smart Video Analytics for Object Identification
32
– Networked CCTV including Smart Video Analytics for Object Identification
– Thermal Imaging and Movement Location with HD InfraRed Cameras
– Optical Fibres for Real-Time Intrusion Location using EM Field Analysis
– Buried Networked Wired or Wireless Motion Detection Sensors
– ANPR Vehicle Registration Number Plate Recognition for Perimeter Roads
– Professional Security Guards that are fully trained & certified in these Security Applications
........In summary, it is important never to neglect upgrading investment inIn summary, it is important never to neglect upgrading investment in
physical perimeter security in order to boost the security of ICT cyber assetsphysical perimeter security in order to boost the security of ICT cyber assets

“Historic” Cyber Attack Case Studies“Historic” Cyber Attack Case Studies
•• Estonia : May 2007Estonia : May 2007
– Targeted at Government & Banking Servers – and immobilised national & commercial economic
infrastructure for several days. This was one of the earliest “historic” massive DDos attacks
(Distributed Denial of Service) from unknown proxy sources.
•• Georgia : August 2008Georgia : August 2008
– Targeted at Government Servers including Parliament & Ministry of Foreign Affairs, and the
National & Commercial Banking Network from anonymous proxy sources.
•• South Korea : July 2009South Korea : July 2009
– Targets included the Defence Ministry, Presidential Offices, National Assembly, and Korea
Exchange Banks. This attack was also simultaneously targeted at various high-profile US Sites &
Servers such as the NY Stock Exchange, White House & Pentagon.
33
Servers such as the NY Stock Exchange, White House & Pentagon.
•• Iran, Indonesia & India : June 2010Iran, Indonesia & India : June 2010
– Computer worm known as StuxnetStuxnet discovered in Industrial Logic Controllers in several countries
including Iran , Indonesia and India. Stuxnet was the 1st known sophisticated “Designer” Cyber
Malware targeted on specific industrial SCADA Systems (Supervisory Control And Data
Acquisition). Duqu Malware (2011) is related to Stuxnet.
•• Middle East : May 2012Middle East : May 2012
– Sophisticated Modular Computer Malware known as FlameFlame or Skywiper is discovered infecting
computer networks in Middle Eastern Countries including Iran, Saudi Arabia, Syria, Egypt,& Israel
…...…...Small scale penetrations & cyber attacks continue on an almost 24/7 against almostSmall scale penetrations & cyber attacks continue on an almost 24/7 against almost
ALL countries including government & critical national & industrial infrastructure (CNI)ALL countries including government & critical national & industrial infrastructure (CNI)

“CyberWar”“CyberWar” StrategiesStrategies fromfrom Classic Works!Classic Works!
RecommendedRecommended
“Bedtime“Bedtime
Reading”Reading”
forfor
RecommendedRecommended
“Bedtime“Bedtime
Reading”Reading”
forfor
34
…Classic Works on…Classic Works on “War”“War” are just as relevant today for Cybersecurity as preare just as relevant today for Cybersecurity as pre--2121thth CC…Classic Works on…Classic Works on “War”“War” are just as relevant today for Cybersecurity as preare just as relevant today for Cybersecurity as pre--2121thth CC
forfor
CybersecurityCybersecurity
Specialists!Specialists!
forfor
CybersecurityCybersecurity
Specialists!Specialists!

Case Study: StuxNet WormCase Study: StuxNet Worm -- IndustrialIndustrial SCADASCADA SystemsSystems -- 20102010
Stuxnet Worm : 1st Discovered June 2010
35
SCADA = Supervisory Control & Data Acquisition
- Mainly for Power Stations & Industrial Plants -

CybersecurityCybersecurity for Social Networksfor Social Networks
•• Social Sites:Social Sites: During recent years, social & professional networking sites such as
Facebook and Linkedin have become the latest commercial targets for cybercriminals
•• Cyber ScamsCyber Scams include Identify Theft and requests for instant money transfers from
parents to support the “release” of children & friends overseas
•• CybercriminalsCybercriminals also sign-up as “friends” in order to infiltrate student & family
networks, and then to secure personal information & account details
•• PaedophilesPaedophiles also use these social networks in order to cultivate relationships with
children and teenagers below the “age of consent”
•• BusinessesBusinesses may be at risk if employees publish confidential company information on
36
•• BusinessesBusinesses may be at risk if employees publish confidential company information on
their social network accounts that may easily go public
•• FacebookFacebook now works with child protection authorities in countries such as a the UK so
that those at risk can quickly contact “help lines”
……Business and Government should consider ways to exploit the power of……Business and Government should consider ways to exploit the power of
social networking whilst protecting their own networks against attack.social networking whilst protecting their own networks against attack.

Mapping Social Media Networks:Mapping Social Media Networks: LinkedInLinkedIn

MyMy LinkedinLinkedin Social Media Map :Social Media Map : Armenia & GeorgiaArmenia & Georgia

Cybersecurity OperationsCybersecurity Operations & Policies for Wireless Networks& Policies for Wireless Networks
•• Perimeter ProtectionPerimeter Protection: Sentry Wireless Access Point Network around office/campus
•• Certificates:Certificates: End-User Encrypted Logon Certificates – EAP/802.1X
•• 24/7 Scanning:24/7 Scanning: Permanent Wireless Frequency Sentry Scanning against rogue devices
•• Prohibition:Prohibition: of attachment of personal wireless nodes (“Bring your Own” – BYO Policy)
39
•• 3G/4G Gadgets:3G/4G Gadgets: Management of Business PDAs and Smart Mobile Devices
•• Guests & Contractors:Guests & Contractors: All guest account access either fully secured or prohibited
•• 3G/4G Mobiles:3G/4G Mobiles: Sensitive government or business data should always be encrypted and
transmitted using secure VPN tunnel to home servers
......All businesses & governments now need to plan their strategies, operations and policies......All businesses & governments now need to plan their strategies, operations and policies
for BOTH Cyber and Physical Security , with some level of sharing & solutions integrationfor BOTH Cyber and Physical Security , with some level of sharing & solutions integration

SECURITYSECURITY FocusFocus SECURITYSECURITY ApplicationApplication CYBERSECURITY SOLUTIONCYBERSECURITY SOLUTION BenefitsBenefits
Access Control
Boundary Protection Firewalls Aim to prevent unauthorised access to or from a private network.
Content Management Monitor web, messaging and other traffic for inappropriate content such as spam,
banned file types and sensitive or classified information.
Authentication Biometrics Biometric systems rely on human body parts such as fingerprints, iris and voice to
identify authorised users
Smart tokens Devices such as smart cards with integrated circuit chips (ICC) to store and process
authentication details
Authorisation User Rights
and Privileges
Systems that rely on organisational rules and/or roles to manage access
System Integrity
Antivirus and
anti-spyware
A collection of applications that fight malicious software (malware) such as viruses,
worms, Trojan Horses etc
Integrity Checkers Applications such as Tripwire that monitor and/or report on changes to critical
information assets
Cryptography
Digital Certificates Rely on Public Key Infrastructure (PKI) to deliver services such as confidentiality,
authentication, integrity and non-repudiation
Summary of Cybersecurity Focus, Applications and Solution BenefitsSummary of Cybersecurity Focus, Applications and Solution Benefits
40
Virtual Private Networks Enable segregation of a physical network in several ‘virtual’ networks
Audit and Monitoring
Intrusion Detection
Systems (IDS)
Detect inappropriate, incorrect or abnormal activity on a network
Intrusion Prevention Systems (IPS) Use IDS data to build intelligence to detect and prevent cyber attacks
Security Events
Correlation Tools
Monitor, record, categorise and alert about abnormal events on network
Computer
Forensics tools
Identify, preserve and disseminate computer-based evidence
Configuration Management and Assurance
Policy Enforcement Applications Systems that allow centralised monitoring and enforcement of an organisation’s
security policies
Network Management Solutions for the control and monitoring of network issues such as security, capacity
and performance
Continuity of Operations tools Backup systems that helps maintain operations after a failure or disaster
Scanners Tools for identifying, analysing and reporting on security vulnerabilities
Patch Management Tools for acquiring, testing and deploying updates or bug fixes

1 – Background Perspectives 2 – Mapping Cyber Threats in Cyberspace 3 – Hybrid Cyber-Physical Security Threats
44 –– PracticalPractical Models for Smart SecurityModels for Smart Security 5 – Transition to 21stC Smart Security 6 – Smart Security: Technology & Process
41
44 –– PracticalPractical Models for Smart SecurityModels for Smart Security 5 – Transition to 21stC Smart Security 6 – Smart Security: Technology & Process
7 – Integrating Cyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Smart Security

2121ststC Smart Models for BusinessC Smart Models for Business
• From 1980s onwards, many Enterprises started to deploy ICT networks, and
then to “flatten” their organisations from Hierarchical to Hybrid.
• In the 21stC, Business is now starting to fully deploy more advanced ICT
Solutions using the “Smart Design Principles”“Smart Design Principles” that we summarise below:
–– SpaceSpace--Time Awareness:Time Awareness: Utilise GPS Location and RFID Technologies to Track and Trace both
Products, Staff and all moveable Business Assets to provide Real-Time Corporation
–– AdaptationAdaptation to Markets, New Product Features, Delivery Logistics, Minimise Stock Levels
–– Massive Memory & Storage:Massive Memory & Storage: Low Cloud Storage Costs permit massive data mining on
42
–– Massive Memory & Storage:Massive Memory & Storage: Low Cloud Storage Costs permit massive data mining on
customer orders, profiles, search and buying behaviours. Already used by major international
supermarket chains & global on-line players such as Amazon, eBay, Google.
–– Sustainable Security :Sustainable Security : Integrated adaptive management of cyber and physical security
–– SelfSelf--OrganisationOrganisation:: Empower staff for Local Decisions with almost “Flat Organisation”
–– Scalable ArchitectureScalable Architecture:: Building Business as Cellular Organisation using High-Speed Nets
–– Systems Integration:Systems Integration: Many Businesses need to integrate their on-line cyber & traditional
physical operations to provide a integrated & coherent cyber-physical managed operation
...Now for examples of smart systems...Now for examples of smart systems –– “Self“Self--Organisation” & “Scalability” in scienceOrganisation” & “Scalability” in science

Cyber “Genes” forCyber “Genes” for Smart SystemsSmart Systems
• Intelligent Systems, either Artificial or Organic – Living Systems - are
based on just a few shared common principles that include:
1)1) SpaceSpace--Time Awareness:Time Awareness: Location (GPS) & Real-Time Clocks
2)2) Learning, Adaptation & SelfLearning, Adaptation & Self--Organisation:Organisation: Real-Time Intelligence
3)3) Massive Memory & Storage:Massive Memory & Storage: Local & Remote Cloud Storage
4)4) Sustainable Security :Sustainable Security : Embedded Smart Security – Everywhere!
5)5) Scalable Networked Architecture:Scalable Networked Architecture: Smart Architectures will need to scale
43
5)5) Scalable Networked Architecture:Scalable Networked Architecture: Smart Architectures will need to scale
in space & time from micro cells to macro solutions
6)6) Decision Focus:Decision Focus: “Knowledge Lens” for Data Mining & “Big Data” from
Social Networks, Search & On-Line Commerce
7)7) Systems Integration:Systems Integration: Cyber and Physical Solutions & Operations
……Advanced ICT Solutions now provide ALL these “Genetic” Functions……Advanced ICT Solutions now provide ALL these “Genetic” Functions
which will enable us to designwhich will enable us to design Smart CyberSmart Cyber--Physical Security SolutionsPhysical Security Solutions

Smart Decision PrinciplesSmart Decision Principles -- “D“D--Genes”Genes”
•• Business DecisionsBusiness Decisions require focusing & filtering of Big Data
sources in Space-Time to create local knowledge (Data
Mining). Hence a useful metaphor is the “Knowledge Lens”:
– Smart Decision “Genes” = Space, Time and Information Focus
– Conceptual “Knowledge Lens” can filter and focus information in
“Space” from searching Big Data Sets to a Small focused Short-List
44
– The “Knowledge Lens” can focus information & present in real-time,
possibly as an stream of multi-media news or market intelligence
•• “Knowledge Lens”:“Knowledge Lens”: This concept can be a useful architectural principle
in the design of smart securitysmart security, smart business & smart governance
....21stC Cyber Attacks (such as Denial of Service) occur in real....21stC Cyber Attacks (such as Denial of Service) occur in real--time @Optical Speedstime @Optical Speeds
via worldwide proxy servers, so ultra fast analysis, decisions and action is a must!via worldwide proxy servers, so ultra fast analysis, decisions and action is a must!

Smart Learning PrinciplesSmart Learning Principles -- “L“L--Genes”Genes”
•• Smart LearningSmart Learning requires: Self-Organisation, Adaptation, Memory and
Scalable Architecture. The Decision “Genes” are relatively traditional
whilst these new Learning “Genes” lie at the heart of Smart Security.
–– SelfSelf--OrganisationOrganisation & Adaptation are essential principles of living systems
and communities which include the well known self-organisation of insect
roles in communities such as ants & bees.
Cellular AutomataCellular Automata demonstrate relatively complex behaviour from simple
45
–– Cellular AutomataCellular Automata demonstrate relatively complex behaviour from simple
mathematical rules, as in Conway’s “Game of Life”
–– Simple Dynamic Recursive MapsSimple Dynamic Recursive Maps such as x => 4x(1-x) also result in
complex chaotic behaviour as found in real world insect populations
–– Scalable ArchitectureScalable Architecture is also an essential feature of both plants & animal
life, and Mandelbrot’s theory of Fractal Curves provides vivid examples.
•• Current Trends:Current Trends: Research into Learning, Self-Organisation & Adaptation
remains extremely active in both ICT R&D Labs & Academic Institutions

“How to Build Smart Security Solutions?”“How to Build Smart Security Solutions?”
• Conceptually - Smart Solutions all use combinations of these
basic ICT “genes” shared with Intelligent Living Systems:
1)1) Hybrid Organisation:Hybrid Organisation: Hierarchical (Pyramid) & Organic (Networked)
2)2) Smart Decision Principles (DSmart Decision Principles (D--Genes):Genes): Space, Time and Focus
46
3)3) Smart Learning Principles (LSmart Learning Principles (L--Genes):Genes): Memory, Scaling & Adaptation
4)4) Smart Solutions & Business Architecture:Smart Solutions & Business Architecture: Integration of the Decision +
Learning “Genes”, within a Secure & Resilient Systems Environment
=> “SMART SECURE BUSINESS”!=> “SMART SECURE BUSINESS”!

21stC Architectures for Smart Business Sectors21stC Architectures for Smart Business Sectors
• We can also design new economic architectures using our Smart
Design Principles & then customise sector by sector. We focus upon
adaptation, scaling, massive data, & network transparency:
–– Education & Research:Education & Research: Transition from Monolithic to Niche Networks
–– HealthCare & Social Welfare:HealthCare & Social Welfare: Telemedicine for towns & villages
–– Banking & Finance:Banking & Finance: “Real-Time” financial & commodity trading
–– Transportation:Transportation: Smart Airports, Roads and Transportation Services
–– ICT Infrastructure:ICT Infrastructure: Launch 3G/4G Mobile Networks, and maximise Internet
47
–– ICT Infrastructure:ICT Infrastructure: Launch 3G/4G Mobile Networks, and maximise Internet
Services, Local Wireless Hubs & eGovernance across all supported Regions
–– National Security & DefenceNational Security & Defence:: Both for Physical Borders & CyberSpace
–– Travel & Tourism:Travel & Tourism: Major opportunities for on-line bookings & marketing
–– Energy & Utilities:Energy & Utilities: Secure Management of National Energy & Utility Grids
•• Tomorrow morning we’ll explore the practical design requirements ofTomorrow morning we’ll explore the practical design requirements of
Smart Security Solutions for Critical National Infrastructure (CNI) .....Smart Security Solutions for Critical National Infrastructure (CNI) .....

48
4 – Practical Models for Smart Security 55 –– TransitionTransition to 21stC Smart Securityto 21stC Smart Security 6 – Smart Security: Technology & Process

Transition from 20Transition from 20ththC to 21C to 21ststC Smart SecurityC Smart Security
•• Cybersecurity 2015Cybersecurity 2015--2025:2025:
– Every country in the world will need to transition from the traditional 20thC
culture & policy of massive physical defence to the connected “neural”
21stC world of in-depth intelligent & integrated cyber defence solutions
•• National Boundaries:National Boundaries:
– Traditional physical defence and geographical boundaries are still strategic
national assets , but they need to be augmented through integrated cyber
defence organisations & assets.
49
defence organisations & assets.
•• Critical National Information Infrastructure:Critical National Information Infrastructure:
– 21stC national economies function electronically, & yet they are poorly
defended in cyberspace, and very often open to criminal & political attacks
•• MultiMulti--Dimensional Cyber Defence:Dimensional Cyber Defence:
– Nations need to audit their critical infrastructure – government, banks,
telecommunications, energy, & transport – and to upgrade to international
cybersecurity standards based upon accepted “best practice” (ISO/IEC)

4 – Practical Models for Smart Security 5 – Transition to 21stC Smart Security 66 –– Smart Security: Technology & ProcessSmart Security: Technology & Process
50
4 – Practical Models for Smart Security 5 – Transition to 21stC Smart Security 66 –– Smart Security: Technology & ProcessSmart Security: Technology & Process

Smart Security:Smart Security: Integrating Cyber & PhysicalIntegrating Cyber & Physical
•• Dual Operations:Dual Operations: Security is often managed under separate management for
physical building & personnel security and IT Computer & Network security. In
addition, the risks are continuously evolving so an adaptive model is essential!
•• ISO Security Standards:ISO Security Standards: Smart Sustainable Security requires operational
linkages & integration between cyber and physical security in order to meet
current ISO 27xxx Security Standards, and to minimise risk of cyber attacks.
51
current ISO 27xxx Security Standards, and to minimise risk of cyber attacks.
–– Physical Security:Physical Security: Buildings, People, National Borders, Government Ministries
–– Cybersecurity:Cybersecurity: Computers, Storage, Networks, Applications, Mobile Devices
•• “Smart Sustainable Security” will be discussed “in“Smart Sustainable Security” will be discussed “in--depth” later withindepth” later within
tomorrow’s session on Cybersecurity for Critical National Infrastructure (CNI)tomorrow’s session on Cybersecurity for Critical National Infrastructure (CNI)

Computer Emergency Response Team (Computer Emergency Response Team (CERTCERT))
52
Also known as CSIRTCSIRT : Computer Security Incident Response Team

ENISA: EuropeanENISA: European CERTCERT NetworkNetwork
53

ENISA:ENISA: CSIRT/CERTCSIRT/CERT GuidebookGuidebook
54

DesigningDesigning ”Smart Security””Smart Security” OperationsOperations
• Securing information and assets in the virtual world of cyberspace requires the
discipline of rigorous operational security solutions and policies in the real-world
according to accepted UN/ITU & ISO/IEC Standards:
–– CERT:CERT: Implementation of National, and Enterprise Computer Incident Response Teams (CERTs)
–– C&C:C&C: Integrated Command and Control Operations (including fail-over control rooms)
–– BCP/DRBCP/DR:: Business Continuity & Disaster Recovery (for cybercrimes, terrorism & disasters)
55
–– BCP/DRBCP/DR:: Business Continuity & Disaster Recovery (for cybercrimes, terrorism & disasters)
–– Forensics:Forensics: Integrated Digital Forensics, eCrime Unit & Cyber Legislation against Cybercrimes
–– Access:Access: Traditional Physical Security Defences (including guards & perimeter fences)
.....Many criminal attacks happen through a penetrating combination of physical & cyber systems.
.... Breaking into a physical building may allow a criminal to gain access to secure ICT zones.... Breaking into a physical building may allow a criminal to gain access to secure ICT zones
.....Massive Data Files can be then easily downloaded to chips, phones or other storage drives

Summary of Physical Security & Operational SolutionsSummary of Physical Security & Operational Solutions
•• Networked Solutions:Networked Solutions: Physical security and the Operational Solutions are increasingly
based upon sophisticated electronic networked solutions, including biometrics, smart
CCTV, intelligent fences, and RFID Access Devices
•• Convergence:Convergence: Operations for “Physical Security” and “Cybersecurity” will need to be
slowly converged & integrated during the next few years both from a personnel, assets,
resources and operational budget perspective
56
resources and operational budget perspective
•• Security Benefits:Security Benefits: The benefits of integrating cyber and physical security are reduced
running costs, reduced penetration risk, and increased early warning of potential attack
whether from criminals, hackers or terrorists.
…..Next we’ll consider the integration of physical and cybersecurity in…..Next we’ll consider the integration of physical and cybersecurity in
some more detail, including the modes of attack & overall benefitssome more detail, including the modes of attack & overall benefits

Benefits of Integrated CyberBenefits of Integrated Cyber –– Physical SecurityPhysical Security
• Some of the key benefits from integrating cybersecurity technology solutions with rigorous
physical operational processes and policies are:
–– Reduced Operational CostsReduced Operational Costs, through “Single Security Organisation” under a CSO/CISO
–– Early WarningEarly Warning of both Physical or Cyber Penetration through comprehensive surveillance
–– Extended ProtectionExtended Protection of ALL Critical Physical and On-Line Assets
–– Focused Security PolicyFocused Security Policy for Government, Businesses and Citizens
–– Risks:Risks: Reduced “Open World” Security Risks from Smart Mobile Devices ,“Apps” & Web2.0
–– CyberCrime:CyberCrime: Comprehensive Management and Control of National Cybercrime
57
–– CyberCrime:CyberCrime: Comprehensive Management and Control of National Cybercrime
–– CNI:CNI: Critical Infrastructure such as Banks, Power Stations and Airports are better protected
–– National DefenceNational Defence:: Countries now need to be 100% protected both in physical & cyberspace
….In summary, the practical 21st approach to integrated “smart” securityintegrated “smart” security is a combination of
technologicaltechnological solutions together with rigorously enforced operationaloperational procedures, all implemented
to recognised international security standards such as those of the UN/ITU and ISO/IEC
….Later we will consider these UN/ITU & ISO/IEC cybersecurity standards in more depth, and also….Later we will consider these UN/ITU & ISO/IEC cybersecurity standards in more depth, and also
discuss specific organisational models for National Cybersecurity Agencies and eCrime Unitsdiscuss specific organisational models for National Cybersecurity Agencies and eCrime Units

Smart Security Benefits:Smart Security Benefits: Business & GovernmentBusiness & Government
• Improvements in integrated “smart” security will provide significant benefits to
National Governments, Business & Critical National Service Sectors including:
–– eGovernment:eGovernment: Fully secure & cost effective delivery of on-line services to both
citizens and businesses, such as taxes & customs, social welfare, civil & land
registries, passports & driving licences
–– eDefence:eDefence: Early warning, alerts and defences against cyber attacks through
national CERT (Computer Emergency Response Centre)
58
–– Cybercrime:Cybercrime: Investigate, Digital Forensics and Prosecution of cybercrimes such ID
& Financial Theft, “Computer Misuse, Laundering, On-Line Drug Trafficking &
Pornographic Materials
–– Cyberterrorism:Cyberterrorism: Ability to assess, predict and prevent potential major cyber
terrorist attacks, and to minimise damage during events
–– Power & Water Utilities:Power & Water Utilities: Prevent malicious damage to SCADA control systems
–– Telecommunications:Telecommunications: Top security of government communications with
alternative routings, encryption & protection against cyber attack

-- Smart Sustainable Security in the Wild!Smart Sustainable Security in the Wild! --
The Sociable Weaver Bird
“World’s largest Bird Nests”
*** Southern Africa ***
59
•Secure Living Community
•Self-Organising Architecture
•Fully scalable for long term growth
•Supports 250+ Weaver Birds
•Real-Time Disaster Alert System
•Sustainable in Semi-Desert Steppe
•Robust against “Enemy Risks”
such as Eagles, Vultures & Snakes
...all the features of a 21stC-“Cyber Defence Centre”–including Disaster Recovery & Business Continuity!

60
77 –– IntegratingIntegrating Cyber & Physical SecurityCyber & Physical Security 8 – Towards Smart “Neural Society” 9 – Next Steps for Smart Security

Cyber Integration withCyber Integration with Physical SecurityPhysical Security OperationsOperations
• Cybersecurity for Government, Business & Critical Service Sectors should be
tightly integrated with operational physical security solutions including:
1) Advanced CCTV Camera Surveillance of the Secure Government & Critical Facilities
2) Exterior ANPR (Automatic Number Plate Recognition) Systems for Car Parking &
Entrances
3) Integration of the Cyber CERT/CSIRT with physical CCTV & Alarm Control Centres
4) Personnel RFID and/or biometrics office & campus access controls
5) Professionally trained security personnel & guards – 24/7 – for top security facilities
6) Implemented facility security policy for staff, visitors and contractors
61
6) Implemented facility security policy for staff, visitors and contractors
7) Intelligent perimeter security controls for campuses and critical service facilities such as
airports, power stations, refineries, military bases, hospitals and government
institutions
8) On-Line Audit trails and Electronic Log-Files for secure Physical Facilities
9) Focus upon in-depth physical security for computer server rooms, data storage &
archives
..….All critical information infrastructures on multi..….All critical information infrastructures on multi--building campus sites such as airports,building campus sites such as airports,
universities, hospitals, military bases, leisure resorts & government agencies requireuniversities, hospitals, military bases, leisure resorts & government agencies require
“Integrated Cyber“Integrated Cyber--Physical Security Operations”Physical Security Operations” = “SMART SECURITY”= “SMART SECURITY”

Physical Security & Surveillance SolutionsPhysical Security & Surveillance Solutions
• The comprehensive security of electronic information, data and assets also
requires corresponding upgrades in the physical & operational security for the
offices, facilities and ICT server & storage rooms:
–– Reception, Facility and Office AccessReception, Facility and Office Access for Staff, Contractors and Visitors
–– Advanced SmartAdvanced Smart Perimeter ManagementPerimeter Management for Campus Sites, Airports & Bases
62
–– Integrated CCTV/ANPRIntegrated CCTV/ANPR Intelligence Surveillance
–– Biometrics and RFIDBiometrics and RFID Identification for Personnel and Mobile Assets
……Traditionally physical security was managed independently from the ICT security.
However, many businesses & governments now understand that security is improved at
lower cost & risks through the integrated management of cyber & physical resources

BiometricsBiometrics andand RFIDRFID Security ApplicationsSecurity Applications
•• BiometricsBiometrics techniques may include:
– Finger and Palm Prints
– Retinal and Iris Scans
– 3D Vein ID
– Voice Scans & Recognition
– DNA Database – usually for Criminal Records
– 3D Facial Recognition
63
•• RFIDRFID== Radio Frequency ID with applications that include:
– Personal ID Cards for Building, Facility and Secure Room Access
– Tags for Retail Articles as a deterrence to shoplifting
– Powered RFID Tags for Vehicles to open Barriers, Doors, or switch traffic lights
– Plans to use RFID Tags for Perishable Products such as vegetables and flowers
– Asset Tags to manage the movement of ICT Assets such as Laptops, PDA & Storage
…..Both…..Both BiometricsBiometrics andand RFIDRFID Technology Solutions can be powerful tools against cybercrimeTechnology Solutions can be powerful tools against cybercrime

TraditionalTraditional “Physical Security”“Physical Security” DefencesDefences
in the context of “Cybersecurity”in the context of “Cybersecurity”
•• Compliance:Compliance: Investments in establishing and upgrading cybersecurity defences against
cybercrime means that all physical security and associated operational staff should also be
reviewed for compliance with policies, and audited to international standards
•• Integration:Integration: Physical and Cybersecurity operations should be linked “step-by-step” at the
command and control level in the main government or enterprise operations centre.
•• Physical SecurityPhysical Security for critical service sectors such as governments, airports, banks,
64
•• Physical SecurityPhysical Security for critical service sectors such as governments, airports, banks,
telecommunications, education, energy, healthcare and national defence should be included
within the strategy and policies for Cybersecurity and vice versa
•• Upgrades:Upgrades: In order to maximise security, Government and Businesses need to upgrade and
integrate resources & plans for both physical & cybersecurity during the next years.
•• Roadmap:Roadmap: I’d recommend developing a focused total security action plan and roadmap
(Physical & Cyber) for each critical sector within YOUR National Economy & Enterprises

4 – Transition to 21stC Sustainable Security 5 – Transition to 21stC Smart Security 6 – Smart Security: Technology & Process
65
4 – Transition to 21 C Sustainable Security 5 – Transition to 21 C Smart Security 6 – Smart Security: Technology & Process
7 – Integrating Cyber & Physical Security 88 –– TowardsTowards SmartSmart “Neural Society”“Neural Society” 9 – Next Steps for Smart Security

21stC Smart Security:21stC Smart Security: TowardsTowards “Neural Society”“Neural Society”
•• RealReal--Time Security Operations:Time Security Operations:
– Secure and monitor every cyber asset and critical physical asset through IP Networking, RFID
Tagging & communication of status to operations centre
•• Augmented Reality:Augmented Reality:
– Multimedia virtual world overlays on data from the real physical world, through head-up
displays & other forms of embedded sensors & displays
•• BioNeural Metaphors:BioNeural Metaphors:
– Further developments of self-organising and autonomous systems for monitoring and
responding to cyber alerts & potential attacks in real-time
66
responding to cyber alerts & potential attacks in real-time
•• 3D Adaptive Modelling:3D Adaptive Modelling:
– Adaptive 3D computer modelling of physical buildings, campuses & cities, as well as dynamic
models of extended enterprises networks. The aim is to visualise, model & respond to security
alerts with greater speed & precision
•• Hybrid Security Architectures:Hybrid Security Architectures:
– Effective integrated security requires management through hybrid hierarchical and “peer-to-
peer” organisational architectures. Living organic systems also exploit such hybrid architectures
for optimal command & control

4 – Practical Models for Smart Security 5 – Transition to 21stC Smart Security 6 - Smart Security: Technology & Process
67
4 – Practical Models for Smart Security 5 – Transition to 21stC Smart Security 6 - Smart Security: Technology & Process
7 – Integrating Cyber & Physical Security 8 – Towards Smart “Neural Society” 99 –– Next Steps for SmartNext Steps for Smart SecuritySecurity

Integrated Cyber & Physical Security:Integrated Cyber & Physical Security: “The Shopping List”“The Shopping List”
...Smart Security for Business & Government is a Multi...Smart Security for Business & Government is a Multi--Year Programme!Year Programme!
1)1) National Cybersecurity AgencyNational Cybersecurity Agency:: Establishment of a CERT/CSIRT & National
Government Cybersecurity Agency within the Government Ministries
2)2) CNI:CNI: Long Term Critical National Infrastructure Protection (CNI)
3)3) System UpgradesSystem Upgrades:: Technical Infrastructure Upgrades including Hardware,
Software, Databases, Secure Network Links, Biometrics & RFID
4) BackBack--UpUp:: Disaster Recovery, Business Continuity and Back-Up Systems
5)5) PhysicalPhysical :: Physical Security Applications – CCTV, Alarms, Control Centre
68
5)5) PhysicalPhysical :: Physical Security Applications – CCTV, Alarms, Control Centre
6)6) Awareness CampaignAwareness Campaign:: Government Campaign for Cybersecurity awareness
7)7) TrainingTraining:: National Cybersecurity Skills & Professional Training Programme
8)8) EncryptionEncryption:: National User & Systems PKI Authentication Programme
9)9) Laws:Laws: Programme for Drafting and Enforcing Cyber Laws, Policies & Regulations
..….It is also important to develop an in..….It is also important to develop an in--depth economicdepth economic “Cost“Cost--Benefit”Benefit” analysis andanalysis and
Business Case in order to evaluate theBusiness Case in order to evaluate the “Return on Investment”“Return on Investment” for Smart Securityfor Smart Security

Virtual Integration of Physical and Cyber SecurityVirtual Integration of Physical and Cyber Security
Integrated CSOIntegrated CSO--led Management Teamled Management Team –– Merged HQ OperationsMerged HQ Operations
Physical Security OperationsPhysical Security Operations Cyber Security OperationsCyber Security Operations
Smart SecuritySmart Security == Virtual IntegrationVirtual Integration
SharedShared
AlertsAlerts
69
Corporate CSOCorporate CSO--led Security Teamled Security Team
ONEONE –– Shopping List!Shopping List!
Integrated Management,Integrated Management,
Training, Standards, PlansTraining, Standards, Plans
ONEONE –– Architecture!Architecture!
Smart SecuritySmart Security == Virtual IntegrationVirtual Integration
FinalFinal phase ofphase of CyberCyber--Physical IntegrationPhysical Integration -- Embedded Intelligence in ALL DevicesEmbedded Intelligence in ALL Devices -- Internet of ThingsInternet of Things

“Cyber“Cyber –– Physical Security Operations”Physical Security Operations”
Convergence to Smart Resilient Security SolutionsConvergence to Smart Resilient Security Solutions
•• IP Networks:IP Networks: Physical security and associated Operational Solutions are increasingly based upon
sophisticated electronic networked solutions, including biometrics, smart CCTV, intelligent perimeter
fences, embedded active & passive RFID Devices and networked real-time sensors
•• Convergence:Convergence: CSO-led Management operations for “Physical Security” and “Cybersecurity” will
steadily converge & become integrated during the next few years from staff, assets, resources &
operational budget perspectives = “Smart Resilient Security”“Smart Resilient Security”
•• Smart Security in 3 Phases:Smart Security in 3 Phases: Cyber-Physical Security Integration will evolve over 5 -10 years
70
•• Smart Security in 3 Phases:Smart Security in 3 Phases: Cyber-Physical Security Integration will evolve over 5 -10 years
11stst PhasePhase –– Virtual OperationalVirtual Operational IntegrationIntegration -- CSOCSO managed Security Teammanaged Security Team
22ndnd PhasePhase –– Integrated ArchitecturesIntegrated Architectures and Standardsand Standards –– ONEONE CyberCyber--Physical ModelPhysical Model
33rdrd PhasePhase –– Embedded IntelligentEmbedded Intelligent Integration ofIntegration of ALLALL DevicesDevices -- Internet of ThingsInternet of Things
•• Business Benefits:Business Benefits: The benefits of integrating cyber and physical security for both Business and
Governments are reduced running costs, reduced penetration risk, and increased early warning of co-
ordinated cyber-physical security attacks, whether from criminals, hackers or terrorists.
…...thethe “Cyber“Cyber--Vardzia”Vardzia” White Paper for Georgia discusses Cybersecurity andWhite Paper for Georgia discusses Cybersecurity and
Physical security in some depth, as well as their convergence and integration!Physical security in some depth, as well as their convergence and integration!

Case Study: White Paper: 21Case Study: White Paper: 21stst C GeorgiaC Georgia –– “Cyber“Cyber--Vardzia”Vardzia”
71
Web LinkWeb Link :: www.Valentina.net/vardzia/Georgia2010.pdfwww.Valentina.net/vardzia/Georgia2010.pdfWeb LinkWeb Link :: www.Valentina.net/vardzia/Georgia2010.pdfwww.Valentina.net/vardzia/Georgia2010.pdf

“Integrated Cyber“Integrated Cyber--Physical Security”Physical Security”
3030thth EastEast--West Security ConferenceWest Security Conference –– Paris, FranceParis, France
“Integrated Cyber“Integrated Cyber--Physical Security”Physical Security”
3030thth EastEast--West Security ConferenceWest Security Conference –– Paris, FranceParis, France
72
Presentation Slides:Presentation Slides:
www.Valentina.net/Eastwww.Valentina.net/East--West2014/West2014/
Presentation Slides:Presentation Slides:
www.Valentina.net/Eastwww.Valentina.net/East--West2014/West2014/

Integrated Physical and Cybersecurity for Governments and Business

More Related Content

What's hot

Viewers also liked

Similar to Integrated Physical and Cybersecurity for Governments and Business

More from Dr David Probert

Recently uploaded

Integrated Physical and Cybersecurity for Governments and Business